We’ll try that, thanks for the suggestion. I don’t recall us using that anywhere else … Would be great if it works!
I’ll let you know. Thanks Jim. ~ Laz Peterson Paravis, LLC > On May 13, 2017, at 3:57 PM, Jim Thompson <[email protected]> wrote: > > > Maybe NAT traversal? > > https://wiki.strongswan.org/projects/strongswan/wiki/NatTraversal > >> On May 13, 2017, at 5:30 PM, Laz C. Peterson <[email protected]> wrote: >> >> Hello everyone, >> >> We’re having a pretty interesting problem here … >> >> To give you the quick summary, we have AT&T U-Verse “Business Fiber” (which >> is a fancy way of saying it’s actual fiber, but the budget kind …) and have >> very serious issues establishing any TLS or SSL encrypted connections >> through IPSec tunnels. >> >> If we plug a SonicWALL device in, same tunnel settings, we have no issues at >> all. But our pfSense device (it is a SG-2440) struggles very hard and we >> cannot do simple encrypted services over this tunnel — including downloading >> email, synchronizing AD domain servers, or even rsync over SSH. >> >> It’s been very troubling. When plugging in the SonicWALL, all of these >> services work completely flawlessly. The second we use the pfSense, none of >> the encrypted protocols through the tunnel work. >> >> I’ve been thinking about MSS and MTU, but I really don’t know where to >> begin. The SonicWALL seems to be able to figure these things out on its own >> (if that’s even the issue). But I’m at a total loss. >> >> Any suggestions? >> >> ~ Laz Peterson >> Paravis, LLC >> _______________________________________________ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
